Vulnerabilities > Vmware > Cloud Foundation > 3.10.2.2

DATE CVE VULNERABILITY TITLE RISK
2021-09-23 CVE-2021-22007 Unspecified vulnerability in VMWare Cloud Foundation and Vcenter Server
The vCenter Server contains a local information disclosure vulnerability in the Analytics service.
local
low complexity
vmware
2.1
2.1
2021-09-23 CVE-2021-22008 Unspecified vulnerability in VMWare Cloud Foundation and Vcenter Server
The vCenter Server contains an information disclosure vulnerability in VAPI (vCenter API) service.
network
low complexity
vmware
5.0
5.0
2021-09-23 CVE-2021-22009 Exposure of Resource to Wrong Sphere vulnerability in VMWare Cloud Foundation and Vcenter Server
The vCenter Server contains multiple denial-of-service vulnerabilities in VAPI (vCenter API) service.
network
low complexity
vmware CWE-668
5.0
5.0
2021-09-23 CVE-2021-22012 Missing Authentication for Critical Function vulnerability in VMWare Cloud Foundation and Vcenter Server
The vCenter Server contains an information disclosure vulnerability due to an unauthenticated appliance management API.
network
low complexity
vmware CWE-306
5.0
5.0
2021-09-22 CVE-2021-21991 Unspecified vulnerability in VMWare Cloud Foundation and Vcenter Server
The vCenter Server contains a local privilege escalation vulnerability due to the way it handles session tokens.
local
low complexity
vmware
4.6
4.6
2021-09-22 CVE-2021-21992 Unspecified vulnerability in VMWare Cloud Foundation and Vcenter Server
The vCenter Server contains a denial-of-service vulnerability due to improper XML entity parsing.
network
low complexity
vmware
6.8
6.8